Date: Thu, 16 Sep 2004 04:12:36 -0000 From: Max Laier <max@love2party.net> To: pf4freebsd@freelists.org Subject: [pf4freebsd] Re: why multiple CARP groups Message-ID: <200408172022.21707.max@love2party.net> In-Reply-To: <4121C8A1.40304@hgdbroadband.com> References: <200408052130.51026.max@love2party.net> <4121B403.2020400@hgdbroadband.com> <4121C8A1.40304@hgdbroadband.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-02=_dzkIBk+OTycKTCZ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tuesday 17 August 2004 10:58, sam wrote: > Hi, > > I need to get adviced by someone for the usage of CARP+pfsync. > With the BIG example as described in the following page: > http://www.countersiege.com/doc/pfsync-carp/#big > I don't understand why create a different CARP group for each > application server instead of using only one CARP interface for 4 > internal application servers is better. > > With only one CARP address for 4 application servers, traffic still can > be redirected to another app server if one is died. Unless one CARP > address is not efficient. > > Can anyone please explain the difference using multiple CARP groups > instead of one CARP address? The example uses a "rdr source-hash" rule to load balance over the four=20 virtual addresses. You cannot use the CARP version of source-hash as the=20 clients are behind the firewalls and will not balance as a result. If one server dies one of the remaining 3 takes over and has to take twice = the=20 load until the failed server comes back (or the admin modifies the rdr rule= ). =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --Boundary-02=_dzkIBk+OTycKTCZ Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (FreeBSD) iD8DBQBBIkzdXyyEoT62BG0RAm4eAJ4h2cRFo0uNmsl5qaWEU4uJlL8xlQCeOxko 8zUqdOCMPCTC9IuvQUX3Nyc= =QT/v -----END PGP SIGNATURE----- --Boundary-02=_dzkIBk+OTycKTCZ--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200408172022.21707.max>